Successfully managing Cybersecurity projects in the Age of AI

Managing cybersecurity projects in the age of AI has become more demanding. The stakes are higher. The cost to recover from a successful cyberattack is typically millions of dollars. The damage to reputation is significant but difficult to estimate.

In the age of large language models (LLMs) and generative AI, organizations must confront the security implications associated with these powerful technologies. Widespread attacker adoption of these technologies requires heightened responses to:

• Raise cybersecurity defences.
• Maintain data privacy.
• Prevent data breaches and ransomware attacks.
• Shorten recovery time after a successful attack.
• Reduce risks posed by shadow AI.

On a more positive note, adding LLMs and AI features to your cybersecurity defences can strengthen your organization’s defences against cybercriminals and keep its data safe.

Here’s a list of topics cybersecurity project managers should address with their teams in their project management plan to ensure a successful cybersecurity project.

Project management best practices apply

Cybersecurity projects, with or without an LLM and AI, are not different from other IT projects. Sometimes, project teams convince themselves that cybersecurity projects are so profoundly technical that specialized individuals should be let loose to deliver them and that project management best practices don’t apply.

Don’t fall into this trap. Some cybersecurity deliverables are deeply technical. However, that’s a reason to emphasize project management best practices, not abandon them.

Data scientists require management

Your data scientists will be valued members of the cybersecurity project team. However, as their name states, these individuals are scientists, not IT professionals. Their culture, education, work practices, organization expectations, attitudes, and reward systems differ from those of IT professionals. These differences can lead to conflicts and performance frustrations.

Project managers can mitigate these risks by coaching data scientists to:

• Focus on the cybersecurity deliverables and not be distracted by the many exciting insights they discover in the data.
• Restrict their work to the project scope and not explore the many enticing ideas that emerge during design discussions.
• Build robust software and avoid too many exploratory prototypes.
• Raise cybersecurity defenses and abandon the urge to write an academic paper about their project learnings.

Cybersecurity project risks

Project managers face the usual project risks plus a few new ones when managing cybersecurity projects. The risks include:

Project scope risks

To dramatically reduce cybersecurity risks, anxious stakeholders often push the cybersecurity project team to deliver an ambitious scope that exceeds the organization’s skills and budget. The project team can reduce anxieties and facilitate a more factual discussion to refine the scope by:

• Achieving a consensus that the project goal is to raise the organization’s cybersecurity defences because attackers are using AI and ML technology to mount more sophisticated attacks.
• Evaluating your organization’s cybersecurity defences using one of several mature cybersecurity frameworks. Your findings will be a list of gaps the team can prioritize for attention and use to build a scope consensus with stakeholders.
• Conducting a cybersecurity risk assessment. The team can use your prioritized risk list to build a functionality release plan that mitigates the higher impact risks and can be completed within the available project budget.
• Achieving a consensus that your project will use LLMs to strengthen the organization’s cybersecurity defences.

Project team skills and experience risks

Cybersecurity and AI/ML skills and experience are in demand as most organizations seek to raise their defences and reduce risks. Every recruiting website is overflowing with job postings. This situation will make it difficult to staff your project team with the desired skills and experience.

Your staffing risks can be addressed by:

• Increasing compensation of project team members.
• Hiring understudies for some project team members.
• Planning for team turnover as some members are headhunted.
• Conducting a formal on-site training program.
• Enrolling project team members in various certification programs.

LLM vendor and software risks

Most organizations will license a vendor LLM and supporting software to raise their cybersecurity defenses rather than build their own LLM and supporting software.

The project team can thoroughly evaluate the functionality of shortlisted LLMs and related software to reduce the risk of contracting for an inadequate or inappropriate LLM. Please read the article below for an extensive discussion of evaluation criteria to compare LLMs for your project.

Project managers will carefully reduce expectations with their project sponsors and stakeholders because difficulties will arise with such immature software.

Software stability risks

The AI- and ML-enhanced cybersecurity software vendors offer is brand new and has not been tested rigorously. The paint is likely still drying. Vendors are working overtime to add functionality to their products as LLMs advance rapidly. To mitigate the risks of basing your project on unstable software, the project team should:

• Budget to test software thoroughly.
• Expect to install multiple software releases during the course of the project.
• Monitor the vendor’s software release notes regularly.
• Ensure that the team can roll back software to a previous version.
• Only promote software from test to production when the IT cybersecurity team is satisfied that it works reliably.

Software customization risks

Don’t customize cybersecurity software packages. It’s expensive and problem-prone. The biggest cost is re-applying the customizations for each new software version the vendor provides. This risk can be addressed by:

• Ensuring that the project team develops a comprehensive list of selection criteria to evaluate software packages. This list mitigates the risk of choosing software that won’t fit the requirements.
• Including a statement in the project charter that the organization will adopt the cybersecurity management processes implicit in selected software packages.
• Including a statement in the project charter that the project team will not customize cybersecurity software packages.
• Participating in software vendors’ customer advisory groups to propose new functionality the organization needs.

Do not confuse configuring software with customizing software. Configuring software involves setting values for variables the software package offers to tailor its operation. Customizing software is about writing and integrating new source code into the software package.

Management expectations risks

Senior management expectations for project costs, functionality and elapsed time often exceed available budget and organization capacity. This risk applies to cybersecurity projects because of management’s lack of familiarity with such projects. Project managers can narrow the gap between expectations and reality by:

• Educating management on cybersecurity risks using summary case studies and not exaggerating.
• Having the team create a functionality release plan that illustrates how each release contributes to raising cybersecurity defenses.
• Reminding management that cybersecurity risk has already been partially addressed through previous work.

Project managers and their teams can deliver successful cybersecurity projects by proactively adhering to project management best practices and mitigating project risks.

What ideas can you contribute to help project managers manage cybersecurity projects? We’d love to hear your opinion. You can share that with us below. Select the checkmark for agreement or the X for disagreement. In either case, you’ll be asked if you also want to send your comments directly to our editorial team.